End to end tests #81

Workflow file for this run

.github/workflows/ci-pipeline.yaml at d6b904e

	name: CI Pipeline

	permissions:
	contents: read
	pull-requests: write
	checks: write
	actions: read

	on:
	push:
	branches:
	- main
	pull_request:

	jobs:
	build-verification:
	name: Build Verification
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Install Terraform
	uses: hashicorp/setup-terraform@v2
	with:
	terraform_version: 1.9.3
	terraform_wrapper: false

	- name: Install Go
	uses: actions/setup-go@v1
	with:
	go-version: 1.21

	- name: Terraform Validate
	run: \|
	terraform init -backend=false
	terraform validate
	working-directory: infrastructure

	- name: Run Integration Tests
	run: \|
	terraform init -backend=false
	terraform test
	working-directory: tests/integration-tests

	- name: Run End to End Tests
	run: \|
	go mod tidy
	go test -v -timeout 10m
	working-directory: tests/end-to-end-tests
	env:
	ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }}
	ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }}
	ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }}
	ARM_SUBSCRIPTION_ID: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
	TF_STATE_RESOURCE_GROUP: ${{ secrets.TF_STATE_RESOURCE_GROUP }}
	TF_STATE_STORAGE_ACCOUNT: ${{ secrets.TF_STATE_STORAGE_ACCOUNT }}
	TF_STATE_STORAGE_CONTAINER: ${{ secrets.TF_STATE_STORAGE_CONTAINER }}

	static-code-analysis:
	name: Static Code Analysis
	runs-on: ubuntu-latest

	steps:
	- name: Checkout repository
	uses: actions/checkout@v3

	- name: Install Terraform
	uses: hashicorp/setup-terraform@v2
	with:
	terraform_version: 1.9.3

	- name: Run Terraform Format
	run: terraform fmt -check
	working-directory: infrastructure

	- name: Run Terraform Lint
	uses: terraform-linters/setup-tflint@v1
	with:
	tflint_version: latest
	- run: tflint

	- name: Install Checkov
	run: sudo apt-get update && sudo apt-get install -y python3-pip && pip3 install checkov

	- name: Run Checkov Scan
	run: checkov --directory infrastructure --skip-path example --list

	- name: Install GitLeaks
	run: \|
	curl -sSL https://github.com/zricethezav/gitleaks/releases/download/v8.2.4/gitleaks_8.2.4_linux_x64.tar.gz \| tar -xz
	sudo mv gitleaks /usr/local/bin/

	- name: Run GitLeaks Scan
	run: gitleaks detect --source . --config .gitleaks.toml

	- name: Install Trivy
	run: \|
	sudo apt-get update
	sudo apt-get install -y wget apt-transport-https gnupg lsb-release
	wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key \| sudo apt-key add -
	echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main \| sudo tee -a /etc/apt/sources.list.d/trivy.list
	sudo apt-get update
	sudo apt-get install -y trivy

	- name: Run Trivy Scan
	run: trivy filesystem --security-checks vuln,config --exit-code 1 --severity HIGH,CRITICAL --ignore-unfixed .

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

End to end tests #81

Workflow file

End to end tests #81

Jobs

Run details

Workflow file for this run